Meanwhile, moves in Europe that were in part a response to revelations about the NSA may have a significant impact on how marketers plan global campaigns using iBeacon/Bluetooth LE technology.

In the U.S., the voluntary code of conduct announced by Schumer has been signed onto by companies that might not, at first blush, be household names, but that nonetheless power a big chunk of the back-end technologies that let marketers precisely geolocate customers in stores. They include Radius Networks, a company we’re big fans of for their work on Bluetooth LE technologies and how they’re helping to advance Android adoption.

According to TechCrunch, the code of conduct is in response to data collection that’s tied to a specific user:

“If it’s anonymised, then data companies, at least under this code, will be free to continue with their data collection. “Notice does not have to be provided when (1) the information logged is not unique to an individual device or user, or (2) it is promptly aggregated so as not to be unique to a device or user, and individual information is not retained,” the Code notes. “For example, simply logging device types encountered does not require notice, nor does counting the total number of times unspecified mobile devices have been detected by a network. If a company only provides aggregated data to clients but still collects and retains device-level information, this exception will not apply and notice must be provided.”

European Legislation Will Redefine Privacy and Consent
But the European Union may disagree. And as technologies are built with a global reach, the Code of Conduct in the U.S. may bump up against regulations across the pond.

On Monday, the European Union approved sweeping legislation which will now head for a full vote. The legislation was spearheaded by Jan Abrecht and will, in part, plug gaps in how data can be spied upon. The reach of the legislation might not have been possible in the face of intense lobbying if it hadn’t been for the unexpected role a single man could play: Edward Snowden.

But it isn’t just the NSA that will feel the pinch. Marketers will feel it too. According to AdAge, the concept of ‘anonymous’ data is being revamped and we’ll need more than just the ability to opt out:

“The first crucial issue is around the definition of personal data. The Data Protection Regulation could include not just truly personal information like names, bank details and passport numbers, but all sorts of identifiers that marketers routinely use – and consider to be anonymous — in the world of big data.

The second centers on the definition of consent. The regulation is looking for explicit, prior, opt-in consent at every turn, asking consumers to negotiate a cookie wall before they can even check the weather or read the news. “From a marketer point of view it’s totally disproportionate,” Mr. Lohan argued.”

So while Schumer’s code of conduct goes a long way to side-stepping regulation in the U.S. by encouraging self-regulation by the developers of technologies that can precisely geo-locate customers, we might end up with global walled gardens where there are technologies that are fine on one continent but a non-starter in another.

And we’re not talking a minor matter: the EU is proposing mega fines in the billions against companies that don’t comply.

Gerd Leonhard, CEO of the Futures Agency, sums up one viewpoint quite nicely over at AdAge:

He predicted that advertising without permission will become “almost extinct.” He said, “Hyper intelligent advertising is the only way forward. This will require consent – and the way to get permission is through trust, transparency, honesty, user-empowerment and customer delight.”

The Benefit of iBeacons
So where does it leave iBeacon and Bluetooth LE technology? One benefit of beacons is that they require consent, something that has been absent in deployments of WiFi tracking, for example: Bluetooth needs to be turned on on your phone and a beacon doesn’t do anything more than broadcast a signal. Your app only wakes up when it discovers a beacon nearby, and you’ll need to give the app permission to find you as well.

But for marketers, it’s what you do ONCE the iBeacon is connected to the device that matters. If you’re scraping heat maps as a customer walks through your store and connecting the data to non-anonymized information, you might want to give Chuck Schumer a call and see what he thinks.

But don’t bother giving Jan Albrecht a call, however, because we already know what he thinks: don’t.

2 thoughts on “The Future of iBeacons: A Code of Conduct (for the NSA?)”

Good legislation is key for this since abuses will not be with big splashy annoyance, but rather super quiet data aggregation. And a certain level of this will be helpful to all. But finding the right level is where the challenge lies for public policy.

Absolutely agree. I can’t help thinking that we also need a ‘tweak’ to how incentives are embedded in the Internet of Things – and not make some of the same mistakes we made on the Web around authorship and the ability to monetize ‘content’.

More on that in a future post but I agree – somewhere between Europe and the U.S. is the happy middle…and being from Canada maybe it’s here 😉